1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
|
Internet Engineering Task Force (IETF) M. Blanchet
Request for Comments: 7720 Viagenie
BCP: 40 L-J. Liman
Obsoletes: 2870 Netnod
Category: Best Current Practice December 2015
ISSN: 2070-1721
DNS Root Name Service Protocol and Deployment Requirements
Abstract
The DNS root name service is a critical part of the Internet
architecture. The protocol and deployment requirements for the DNS
root name service are defined in this document. Operational
requirements are out of scope.
Status of This Memo
This memo documents an Internet Best Current Practice.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
BCPs is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7720.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Blanchet & Liman Best Current Practice [Page 1]
^L
RFC 7720 Root Name Service Requirements December 2015
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Relationship to RFC 2870 . . . . . . . . . . . . . . . . 2
2. Protocol Requirements . . . . . . . . . . . . . . . . . . . . 3
3. Deployment Requirements . . . . . . . . . . . . . . . . . . . 3
4. Security Considerations . . . . . . . . . . . . . . . . . . . 3
5. Informative References . . . . . . . . . . . . . . . . . . . 4
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction
[RFC2870] discusses protocol and operational requirements for root
name servers for the Internet's domain name system (DNS) protocol
[RFC1035]. Since its publication, both protocol and operational
requirements have evolved. It makes more sense now to separate the
two sets of requirements into two separate documents. This document
only defines the protocol requirements and some deployment
requirements. The operational requirements that were defined in RFC
2870 have been removed. Operational requirements are now defined by
the Root Server System Advisory Committee of ICANN and are documented
in [RSSAC-001].
The root servers are authoritative servers of the unique [RFC2826]
root zone (".") [ROOTZONE]. They currently also serve the root-
servers.net zone. Some also serve the zone for the .arpa top-level
domain [ARPAZONE] [RFC3172]. This document describes the external
interface of the root name servers from a protocol viewpoint of the
service. It specifies basic requirements for the Internet that DNS
clients meet when interacting with a root name service over the
public Internet.
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in BCP 14, [RFC2119].
1.1. Relationship to RFC 2870
This document obsoletes [RFC2870].
This document and [RSSAC-001] together functionally replace
[RFC2870].
Blanchet & Liman Best Current Practice [Page 2]
^L
RFC 7720 Root Name Service Requirements December 2015
2. Protocol Requirements
This section describes the minimum high-level protocol requirements.
Operative details are documented in [RSSAC-001].
The root name service:
o MUST implement core DNS [RFC1035] and clarifications to the DNS
[RFC2181].
o MUST support IPv4 [RFC791] and IPv6 [RFC2460] transport of DNS
queries and responses.
o MUST support UDP [RFC768] and TCP [RFC793] transport of DNS
queries and responses.
o MUST generate checksums when sending UDP datagrams and MUST verify
checksums when receiving UDP datagrams containing a non-zero
checksum.
o MUST implement DNSSEC [RFC4035] as an authoritative name service.
o MUST implement extension mechanisms for DNS (EDNS(0)) [RFC6891].
3. Deployment Requirements
The root name service:
o MUST answer queries from any entity conforming to [RFC1122] with a
valid IP address.
o MUST serve the unique [RFC2826] root zone [ROOTZONE].
4. Security Considerations
This document does not specify a new protocol. However, the root
name service is a key component of the Internet architecture and play
a key role into the overall security of the Internet [RFC2826].
Specific security considerations on the DNS protocols are discussed
in their respective specifications. The security considerations on
the operational side of the root name servers are discussed in
[RSSAC-001].
Blanchet & Liman Best Current Practice [Page 3]
^L
RFC 7720 Root Name Service Requirements December 2015
5. Informative References
[ARPAZONE] IANA, ".ARPA Zone Management",
<http://www.iana.org/domains/arpa>.
[RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
DOI 10.17487/RFC0768, August 1980,
<http://www.rfc-editor.org/info/rfc768>.
[RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791,
DOI 10.17487/RFC0791, September 1981,
<http://www.rfc-editor.org/info/rfc791>.
[RFC793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, DOI 10.17487/RFC0793, September 1981,
<http://www.rfc-editor.org/info/rfc793>.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <http://www.rfc-editor.org/info/rfc1035>.
[RFC1122] Braden, R., Ed., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122,
DOI 10.17487/RFC1122, October 1989,
<http://www.rfc-editor.org/info/rfc1122>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS
Specification", RFC 2181, DOI 10.17487/RFC2181, July
1997, <http://www.rfc-editor.org/info/rfc2181>.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
December 1998, <http://www.rfc-editor.org/info/rfc2460>.
[RFC2826] Internet Architecture Board, "IAB Technical Comment on
the Unique DNS Root", RFC 2826, DOI 10.17487/RFC2826, May
2000, <http://www.rfc-editor.org/info/rfc2826>.
[RFC2870] Bush, R., Karrenberg, D., Kosters, M., and R. Plzak,
"Root Name Server Operational Requirements", BCP 40,
RFC 2870, DOI 10.17487/RFC2870, June 2000,
<http://www.rfc-editor.org/info/rfc2870>.
Blanchet & Liman Best Current Practice [Page 4]
^L
RFC 7720 Root Name Service Requirements December 2015
[RFC3172] Huston, G., Ed., "Management Guidelines & Operational
Requirements for the Address and Routing Parameter Area
Domain ("arpa")", BCP 52, RFC 3172, DOI 10.17487/RFC3172,
September 2001, <http://www.rfc-editor.org/info/rfc3172>.
[RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "Protocol Modifications for the DNS Security
Extensions", RFC 4035, DOI 10.17487/RFC4035, March 2005,
<http://www.rfc-editor.org/info/rfc4035>.
[RFC6891] Damas, J., Graff, M., and P. Vixie, "Extension Mechanisms
for DNS (EDNS(0))", STD 75, RFC 6891,
DOI 10.17487/RFC6891, April 2013,
<http://www.rfc-editor.org/info/rfc6891>.
[ROOTZONE] "Root Zone", <ftp://rs.internic.net/domain/root.zone>.
[RSSAC-001] Root Server System Advisory Committee (RSSAC), "Service
Expectations of Root Servers", November 2014,
<https://www.icann.org/en/system/files/files/
rssac-001-root-service-expectations-04dec15-en.pdf>.
Acknowledgements
Some text was taken from [RFC2870]. The editors of this document
would like to sincerely thank the following individuals for valuable
contributions to the text: Andrew Sullivan, Simon Perreault,
Jean-Philippe Dionne, Dave Thaler, Russ Housley, Alissa Cooper, Joe
Abley, Joao Damas, Daniel Karrenberg, Jacques Latour, Eliot Lear,
Bill Manning, David Conrad, Paul Hoffman, Terry Manderson, Jari
Arkko, and Mark Andrews.
Blanchet & Liman Best Current Practice [Page 5]
^L
RFC 7720 Root Name Service Requirements December 2015
Authors' Addresses
Marc Blanchet
Viagenie
246 Aberdeen
Quebec, QC G1R 2E1
Canada
Email: Marc.Blanchet@viagenie.ca
URI: http://viagenie.ca
Lars-Johan Liman
Netnod Internet Exchange
Box 30194
SE-104 25 Stockholm
Sweden
Email: liman@netnod.se
URI: http://www.netnod.se/
Blanchet & Liman Best Current Practice [Page 6]
^L
|
